How to Remove NICs from a vDS via CLI

🎬 Intro

#

In my apartment, I have an ESXi host that runs some local services including my router/firewall. vCenter is located offsite, which is fine, usually. All my hosts run vDS, and this just caused me a massive headache when doing some maintenance.

So, I finally wanted to migrate from my last pfSense install to OPNsense. Everything was set up, so logically all I had to do was:

• Disconnect both NICs from the pfSense VM
  • Network drops as I no longer have routing; this is fine as I put myself in the management L2 segment.
• Enable NICs on the OPNsense VM
• ???
• Profit

So, I disable pfSense NICs, and everything drops; fine. I log into the local console of ESXi to enable the OPNsense NICs, only to remember that, without vCenter, you can do nothing to vDS-related networking.

Usually, when doing something like this, you would create a vSS, move the VMs to the vSS, perform the work, and then move everything back once connectivity to vCSA is restored.

You may see something like this when trying to enable NICs locally on a host:

Next steps here are to change the interfaces on the VM from a vDS switch to vSS, which is fine if you have that ready to go; I did not. This is where I encountered issues. Trying to add NICs to the vSS kept giving me this error:

This error is due to the fact that I had configured all four of the machine’s NICs to ‘auto assign’ uplinks. I had done this to all the NICs so it didn’t matter which I plugged in; it would just work. However, this means that the NICs are not available to be added to the vSS, even though they are available on the host and it does seem to want to let you.

If you’re stuck in this situation and you have one NIC only, then you’re going to have to bust out the OOB or monitor and keeb.

This is where you need to SSH in and do the following:

🔧 Fix

#

Get the vDS information with:

1

esxcli network vswitch dvs vmware list

This will give you a list of your vDS’s along with the uplinks and port groups.

For me, this looked something like this:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

[root@lcy-esx02:~] esxcli network vswitch dvs vmware list
lcy-vds01.internal.muffn.io
   Name: lcy-vds01.internal.muffn.io
   VDS ID: 50 16 ea 71 ee f4 ba cb-72 72 2d d6 38 14 b3 d2
   Class: cswitch
   Num Ports: 2560
   Used Ports: 13
   Configured Ports: 512
   MTU: 1500
   CDP Status: listen
   Beacon Timeout: -1
   Uplinks: vmnic1, vmnic2, vmnic3, vmnic0
   VMware Branded: true
   DVPort:
         Client: vmnic0
         DVPortgroup ID: dvportgroup-98
         In Use: true
         Port ID: 56

         Client: vmnic3
         DVPortgroup ID: dvportgroup-98
         In Use: true
         Port ID: 57

         Client: vmnic2
         DVPortgroup ID: dvportgroup-98
         In Use: true
         Port ID: 58

         Client: vmnic1
         DVPortgroup ID: dvportgroup-98
         In Use: true
         Port ID: 59

         Client: vmk0
         DVPortgroup ID: dvportgroup-99
         In Use: true
         Port ID: 0

Now, we can clearly see here that we have four uplinks assigned; this is my issue:

1

Uplinks: vmnic1, vmnic2, vmnic3, vmnic0

To remove a NIC from the vDS, you can use the following command:

1

esxcfg-vswitch -Q {NIC-NAME} -V {NIC-PID} {vDS-NAME}

Where:

• -Q: removes the uplink
• -V: specifies the port ID
• {NIC-NAME}: the name of the NIC to remove
• {NIC-PID}: the port ID of the NIC to remove
• {vDS-NAME}: the name of the vDS

The first command gives you everything you need.

For me to remove vmnic1 from lcy-vds01.internal.muffn.io, I would run:

1

esxcfg-vswitch -Q vmnic1 -V 59 lcy-vds01.internal.muffn.io

You will not get any output, but you can verify it worked by running the first command again and verifying that the uplink has been removed.

You can now use that vmnic on a vSS as needed.

Hope this helped ~~muffn.